CVE-2017-7831
N/A
N/A
Summary
A vulnerability where the security wrapper does not deny access to some exposed properties using the deprecated "exposedProps" mechanism on proxy objects. These properties should be explicitly unavailable to proxy objects. This vulnerability affects Firefox < 57.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Mozilla | Firefox | unspecified < 57 | affected |
Weaknesses
- Information disclosure of exposed properties on JavaScript proxy objects
ADP Enrichment
CVE Program Container
Additional References
- https://www.mozilla.org/security/advisories/mfsa2017-24/
- http://www.securityfocus.com/bid/101832
- http://www.securitytracker.com/id/1039803
- https://bugzilla.mozilla.org/show_bug.cgi?id=1392026
References
- https://www.mozilla.org/security/advisories/mfsa2017-24/
- http://www.securityfocus.com/bid/101832
- http://www.securitytracker.com/id/1039803
- https://bugzilla.mozilla.org/show_bug.cgi?id=1392026
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.